diff --git a/backport-CVE-2025-6141.patch b/backport-CVE-2025-6141.patch
new file mode 100644
index 0000000000000000000000000000000000000000..764adf97a9c09c7e8e0d6c1f13b55a881ededb2d
--- /dev/null
+++ b/backport-CVE-2025-6141.patch
@@ -0,0 +1,33 @@
+From 27d1493340d714e7be6e08c0a8f43e48276149c4 Mon Sep 17 00:00:00 2001
+From: "Thomas E. Dickey" <dickey@invisible-island.net>
+Date: Sat, 29 Mar 2025 22:52:37 +0000
+Subject: [PATCH] snapshot of project "ncurses", label v6_5_20250329
+
+Conflict:remove unnecessary modifications
+Reference:https://github.com/ThomasDickey/ncurses-snapshots/commit/27d1493340d714e7be6e08c0a8f43e48276149c4
+---
+ ncurses/tinfo/parse_entry.c      |  4 +++-
+ 1 files changed, 3 insertions(+), 1 deletions(-)
+
+diff --git a/ncurses/tinfo/parse_entry.c b/ncurses/tinfo/parse_entry.c
+index a2278c07f..c551c780b 100644
+--- a/ncurses/tinfo/parse_entry.c
++++ b/ncurses/tinfo/parse_entry.c
+@@ -48,7 +48,7 @@
+ #include <ctype.h>
+ #include <tic.h>
+ 
+-MODULE_ID("$Id: parse_entry.c,v 1.108 2023/04/24 22:32:33 tom Exp $")
++MODULE_ID("$Id: parse_entry.c,v 1.116 2025/03/24 22:27:29 tom Exp $")
+ 
+ #ifdef LINT
+ static short const parametrized[] =
+@@ -990,6 +990,8 @@ postprocess_termcap(TERMTYPE2 *tp, bool has_base)
+ 	    bp = tp->Strings[from_ptr->nte_index];
+ 	    if (VALID_STRING(bp)) {
+ 		for (dp = buf2; *bp; bp++) {
++		    if ((size_t) (dp - buf2) >= (sizeof(buf2) - sizeof(TERMTYPE2)))
++			  break;
+ 		    if (bp[0] == '$' && bp[1] == '<') {
+ 			while (*bp && *bp != '>') {
+ 			    ++bp;
diff --git a/ncurses.spec b/ncurses.spec
index f186c62f23198c76adb2f5813ec1ba6164330b7b..da04a53cec635322fb3458ee0c2025c3942cc42c 100644
--- a/ncurses.spec
+++ b/ncurses.spec
@@ -1,6 +1,6 @@
 name:          ncurses
 Version:       6.4
-Release:       9
+Release:       10
 Summary:       Terminal control library
 License:       MIT
 URL:           https://invisible-island.net/ncurses/ncurses.html
@@ -17,6 +17,7 @@ Patch16:       backport-fix-coredump-when-use-Memmove.patch
 Patch17:       backport-CVE-2023-50495.patch
 Patch18:       backport-CVE-2023-45918.patch
 Patch19:       ncurses-sw-support.patch
+Patch20:       backport-CVE-2025-6141.patch
 
 BuildRequires: make gcc gcc-c++ gpm-devel pkgconfig
 
@@ -251,6 +252,12 @@ xz NEWS
 %{_mandir}/man7/*
 
 %changelog
+* Mon Jul 14 2025 yanglu <yanglu72@h-partners.com> - 6.4-10
+- Type:CVE
+- CVE:CVE-2025-6141
+- SUG:NA
+- DESC:fix CVE-2025-6141
+
 * Mon Feb 17 2025 zhangshaoning <zhangshaoning@uniontech.com> - 6.4-9
 - Add sw_64 support